2 * Copyright (c) 2016, 2017 Brocade Communications Systems, Inc. and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
9 package org.opendaylight.aaa.shiro.realm;
11 import org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm;
12 import org.slf4j.Logger;
13 import org.slf4j.LoggerFactory;
16 * Wraps the generic <code>ActiveDirectoryRealm</code> provided by Shiro. This
17 * allows for enhanced logging as well as isolation of all realms in a single
18 * package, <code>org.opendaylight.aaa.shiro.realm</code>, which enables easier
19 * import by consuming servlets.
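21 * To enable the <code>ODLActiveDirectoryRealm</code>, modify the realms
22 * declaration in <code>etc/shiro.ini</code> as follows. The values shown are examples; <code>systemPassword</code> is stored in clear text in this file, so restrict read access to it and bind with a least-privileged account: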
23 * <code>adRealm = org.opendaylight.aaa.shiro.realm.ODLActiveDirectoryRealm
24 * adRealm.searchBase = "CN=Users,DC=example,DC=com"
25 * adRealm.systemUsername = aduser@example.com
26 * adRealm.systemPassword = adpassword
27 * adRealm.url = ldaps://adserver:636
28 * adRealm.groupRolesMap = "CN=sysadmin,CN=Users,DC=example,DC=com":"sysadmin",\
29 * "CN=unprivileged,CN=Users,DC=example,DC=com":"unprivileged"
31 * securityManager.realms = $tokenAuthRealm, $adRealm</code>
33 public class ODLActiveDirectoryRealm extends ActiveDirectoryRealm {
35 private static final Logger LOG = LoggerFactory.getLogger(ODLActiveDirectoryRealm.class);
37 public ODLActiveDirectoryRealm() {
38 LOG.debug("Creating an instance of ODLActiveDirectoryRealm to use with AAA");